North Koreans suspected in cyber attacks on U.S. government Web sites

WASHINGTON (AP) -- A widespread computer attack that began July 4 knocked out the Web sites of several U.S. government agencies as well as sites in South Korea, in a cyber foray that South Korean intelligence officials believe was carried out by North Korean or pro-Pyongyang forces.

U.S. officials refused to publicly discuss details of the cyber attack.

But South Korea's National Intelligence Service, the nation's main spy agency, told a group of South Korean lawmakers today it believes that North Korea or North Korean sympathizers in the South "were behind" the attacks, according to an aide to one of the lawmakers briefed on the information.

The aide spoke on condition of anonymity citing the sensitivity of the information. The National Intelligence Service -- South Korea's main spy agency -- said it couldn't immediately confirm the report, but it said it was cooperating with American authorities.

Amy Kudwa, spokeswoman for the Homeland Security Department, said the agency's U.S. Computer Emergency Readiness Team issued a notice to federal departments and other partner organizations about the problems and "advised them of steps to take to help mitigate against such attacks."

Others familiar with the U.S. outage, which is called a denial of service attack, said that the fact that the government Web sites were still being affected three days after it began signaled an unusually lengthy and sophisticated attack. The officials spoke on condition of anonymity because they were not authorized to speak on the matter.

Web sites of major South Korean government agencies, including the presidential Blue House and the Defense Ministry, and some banking sites were paralyzed Tuesday. An initial investigation found that many personal computers were infected with a virus ordering them to visit major official Web sites in South Korea and the U.S. at the same time, Korea Information Security Agency official Shin Hwa-su said.